domain hacked?

ACID25

Guest
Hi

On one of our servers we saw today that the load average is higher than normal. So we checked how it could happen and figured out that one domain must have a security hole.
Code:
  748 ?        S      0:00 sh -c (sleep 99999999999999;killall -9 udp) & CONSOLE=/dev/console SELINUX_INIT=YES MYSQL_UNIX_PORT=/var/lib/mysql/mysql.sock TERM=linux 
PERL5LIB=/usr/local/psa/lib/perl5/site_perl/5.8.3:/usr/local/psa/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi OLDPWD=/var/www/vhosts/sfachim.de/httpdocs
INIT_VERSION=sysvinit-2.85 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin runlevel=3 RUNLEVEL=3 PWD=/tmp 
LANG=en_US.UTF-8 previous=N PREVLEVEL=N PSA_RUN_MODE=1 SHLVL=7 OPENSSL_CONF=/usr/local/psa/admin/conf/openssl.cnf _=/usr/bin/perl
But we could not exactly figure out how it works... Maybe somebody can explain to us what happens there and how we could close this?

THX and best regards
ACID25
 
Hi


Yes, the domain was hacked through an insecure PHP script...

regards
ACID25

Thread can be closed!
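
An added example, not part of the original posts: the process environment shown in the ps output above is enough to tell which site started the process. This Python code parses `ps axe`-style lines and reports processes whose environment points at a vhost docroot while the working directory is a temp directory; the function names, the temp-directory list and the two extra sample lines are assumptions made for illustration.

```python
import re

VHOST_RE = re.compile(r"^/var/www/vhosts/([^/]+)(?:/|$)")  # layout seen in the post
ENV_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")
TEMP_DIRS = ("/tmp", "/var/tmp", "/dev/shm")  # assumption: usual world-writable dirs

# First line: the process from the post, environment shortened and the wrapped
# OLDPWD entry rejoined. The other two lines are constructed for contrast.
SAMPLE = """\
  748 ?        S      0:00 sh -c (sleep 99999999999999;killall -9 udp) & CONSOLE=/dev/console OLDPWD=/var/www/vhosts/sfachim.de/httpdocs PATH=/sbin:/usr/sbin:/bin:/usr/bin PWD=/tmp LANG=en_US.UTF-8 SHLVL=7 _=/usr/bin/perl
  912 ?        S      0:00 /usr/sbin/httpd PATH=/sbin:/usr/sbin:/bin:/usr/bin PWD=/ LANG=en_US.UTF-8
 1301 ?        S      0:00 php cron.php PWD=/var/www/vhosts/example.com/httpdocs _=/usr/bin/php
"""

def split_ps_line(line):
    """Split a `ps axe` line into (pid, command, environment dict)."""
    fields = line.split()
    pid, rest = int(fields[0]), fields[4:]  # skip PID TTY STAT TIME
    # ps appends the environment after the command; the first NAME=value
    # token marks where it starts. Values containing spaces are not handled;
    # /proc/<pid>/environ is NUL-separated and avoids that ambiguity.
    start = next((i for i, t in enumerate(rest) if ENV_RE.match(t)), len(rest))
    env = dict(t.split("=", 1) for t in rest[start:] if "=" in t)
    return pid, " ".join(rest[:start]), env

def triage(ps_text):
    """Return processes tied to a vhost docroot that now run from a temp dir."""
    hits = []
    for line in ps_text.splitlines():
        if not line.strip():
            continue
        pid, command, env = split_ps_line(line)
        domain = None
        for key in ("OLDPWD", "PWD"):
            m = VHOST_RE.match(env.get(key, ""))
            if m:
                domain = m.group(1)
        if domain and env.get("PWD") in TEMP_DIRS:
            hits.append({"pid": pid, "domain": domain, "cwd": env["PWD"],
                         "launcher": env.get("_"), "command": command})
    return hits

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

Only the first sample line is reported: its previous directory was the sfachim.de docroot, it now runs from /tmp, and `_` shows it was launched via /usr/bin/perl.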
 